I've finally decided to keep ppp0 in default kernel's rdomain 0. It seems more efficient is to move em0 into rdomain 1 and start all the services related to em0 using rtable 1.
But one question. How to keep OpenVPN functionality for em0 in rdomain 1? # cat /etc/hostname.tap0 up description 'conn1' inet 192.168.1.1 255.255.255.0 192.168.1.255 !/usr/bin/env LD_LIBRARY_PATH=/usr/lib:/usr/local/lib /usr/local/sbin/openvpn --config /etc/openvpn/server.conf Does it work, if I changed last row to: !/sbin/route -T1 exec /usr/bin/env LD_LIBRARY_PATH=/usr/lib:/usr/local/lib /usr/local/sbin/openvpn --config /etc/openvpn/server.conf On 12/10/2018 12:56 PM, Stuart Henderson wrote: > On 2018-12-09, Denis <den...@mindall.org> wrote: >> Stuck when running cvsync in rdomain 1. It seems cvsync does not using >> second routing table because of pf.conf misconfiguration or something. >> >> em0 as a main ISP channel, ppp0 works as reserved wireless ISP channel. >> Some system services like cvsync, git, ntp should use second routing >> table (rtable 1) assigned to ppp0. >> >> # route -T1 exec cvsync -c /etc/cvsync.conf >> Connecting to cvsync_server_remote_IP port 7777 >> host cvsync_server_remote_IP port 7777: Can't assing requested address >> service is not available at cvsync_server_remote_IP port 7777 >> >> --- configs >> # cat /etc/hostname.em0 >> rdomain 0 >> dhcp >> >> # cat /etc/hostname.ppp0 >> rdomain 1 >> dhcp > > DHCP doesn't run on PPP. > >> # pppd call ISP >> >> # ifconfig ppp0 >> ppp0: flags=8051<UP,POINTTOPOINT,RUNNING,MULTICAST> rdomain 1 mtu 1500 >> index 7 priority 0 llprio 3 >> grups: ppp >> inet ISP_ppp0_gateway --> local_ppp0_IP netmask 0xffffffc0 >> >> # route -T1 show >> local_ppp0_IP ISP_ppp0_gateway_IP UH Prio 8 ppp0 >> ISP_ppp0_gateway_IP ISP_ppp0_gateway_IP UHl Prio 1 ppp0 > > No default route. Perhaps you need to run pppd in rdomain 1? > >> # cat /etc/pf.conf >> ... >> match out on rdomain 0 from lo0 to any nat-to (em0) port 1024:65535 rtable 0 >> match out on rdomain 1 from lo0 to any nat-to (ppp0) port 1024:65535 >> rtable 1 >> ... >> pass out quick on ppp0 inet proto tcp from (ppp0) to any port 7777 flags >> S/SA modulate state queue cvs >> ... > > As an aside, I would recommend using rsync rather than cvsync - many > of the repo mirrors offer this, it's noted on cvsync.html. cvsync is > fragile and frequently breaks. >
